44CON 2017 Training

All training courses will be run between the 11th and 13th September 2017 at etc venues The Hatton except Saumil Shah’s course which will run at etc venues Marble Arch and Brian Butterly & Hendrik Schmidt’s course which will take place at a venue to be confirmed.

This training is focused on exploitation of different Windows Kernel Mode vulnerabilities. We will cover basics of Windows Kernel Internals and hands-on fuzzing of Windows Kernel Mode drivers.

We will dive deep into exploit development of various kernel mode vulnerabilities. We will also look into different vulnerabilities in terms of code and the mitigations applied to fix the respective vulnerabilities.

This training assumes that attendees have little or no prior experience with Windows Kernel Internals or with kernel-land and user-land exploitation techniques.

This is the first time the author of the Social Engineering Engagement Framework (SEEF) has offered an in-person public workshop. Normally the workshops and briefings are closed-group, private enterprise or Government-only workshops. Profit from the first-hand knowledge and experience of a social engineering and information security professional with 20 years of experience. What you will learn: tools and techniques to plan, execute and manage social engineering engagements, and what can and will be used against you, your employees and your organization. This training will provide the skills to detect, defend against and assess social engineering attacks and the risks associated with them. You will learn the motivations and methods used by social engineers, enabling you to better protect yourself and your organization.

The course is oriented around a few common market devices: GPS trackers, automotive trackers with immobilizers, smart meters and small scale industrial control systems. While demonstrations will be performed on the actual devices, the attendees will work on cellular development boards which basically emulate the behavior identified on the practical device. To be able to use actual cellular communications basestations, custom SIM cards and basic VMs will be provided, together with a cable setup which offers a simple solution for circumventing potential legal issues.

Ensuring the security of web applications in continuous delivery environments is an open challenge for many organizations. Traditional application security practices slow development and, in many cases, don’t address security at all. Instead, a new approach based on security automation and tactical security testing is needed to ensure important components are being tested before going live. Security professionals must master their tools to improve the efficiency of manual security testing as well as to deploy custom security automation solutions.

Based on this premise, we have created a brand-new class taking advantage of Burp Suite – the de-facto standard for web application security. In two days, we show you how to use Burp Suite’s extension capabilities and unleash the power of the tool to improve efficiency and effectiveness during security audits.

This course introduces and explores attacks on several different, relatively accessible interfaces on embedded systems. Attendees will get hands-on experience implementing and deploying a number of low-cost hardware devices to enable access, privilege, and deception which is in some cases imperceptible from software. We’ll examine UART, JTAG and SPI interfaces on embedded devices, representative of a wide range of embedded devices that span consumer electronics, medical devices, industrial control hardware, and mobile devices. We will observe, interact with, and exploit each interface to use physical access to enable software privilege.

The network forensics training class consists of a mix of theory and hands-on labs, where students will learn to analyze Full Packet Capture (FPC) files. The scenarios in the labs are primarily focused on network forensics for incident response, but are also relevant for law enforcement, internal security, etc., where the network traffic of a suspect or insider is being monitored.

Penetration Tests and Red Team operations for secured environments need altered approaches. You cannot afford to touch disk, throw executables and use memory corruption exploits without the risk of being ineffective as a simulated adversary. To enhance offensive tactics and methodologies, PowerShell is the tool of choice.

PowerShell has changed the way Windows networks are attacked. It is Microsoft’s shell and scripting language, available by default on all modern Windows computers. It can interact with .NET, WMI, COM, the Windows API, the Registry and other computers on a Windows domain. This makes it imperative for Penetration Testers and Red Teamers to learn PowerShell.

This training is aimed at attacking Windows networks using PowerShell and is based on real-world penetration tests and Red Team engagements for highly secured environments. The course runs as a penetration test of a secure environment, with detailed discussion and use of custom PowerShell scripts in each phase.

The Web Application Hacker’s Handbook (WAHH) Series is the deepest and most comprehensive general-purpose guide to hacking web applications that is currently available. This course is a practical opportunity to take the skills and theory taught in the book to the next level, experimenting with all of the tools and techniques against numerous vulnerable web applications and labs, under the guidance of the book’s authors. The course also includes new material from the second edition of WAHH, bringing the course right up to date with the latest attacks.

ARM has emerged as the leading architecture in the Internet of Things (IoT) world. The all-new ARM IoT Exploit Laboratory is a fast-paced, 3-day, intermediate-level class intended for students who want to take their exploit writing skills to the ARM platform. The class covers everything from an introduction to ARM assembly all the way to Return Oriented Programming (ROP) on ARM architectures. Our lab environment features hardware and virtual platforms for exploring exploit writing on ARM-based Linux systems and IoT devices.

The class concludes with an end-to-end “Firmware-To-Shell” hack, where we extract the firmware from a popular SoHo router, build a virtual environment to emulate and debug it, and then use the exploit to gain a shell on the actual hardware device.